[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: olcTLSCipherSuite?



Eric Irrgang wrote:
Does the TLSCipherSuite directive translate to anything in cn=config?

I'm not seeing anything when I convert my slapd.conf file and the server doesn't seem to be interpreting the directive "TLSCipherSuite HIGH:MEDIUM" the way I would expect. That is, to only allow high and medium strength connections while trying to negotiate high-strength first.

Sounds like a bug. olcTLSCipherSuite is in the schema, but you're right, I don't see it turning up. You should file an ITS for this.

--
  -- Howard Chu
  Chief Architect, Symas Corp.  http://www.symas.com
  Director, Highland Sun        http://highlandsun.com/hyc
  OpenLDAP Core Team            http://www.openldap.org/project/